GadgetBond

  • Latest
  • How-to
  • Tech
    • AI
    • Amazon
    • Apple
    • CES
    • Computing
    • Creators
    • Google
    • Meta
    • Microsoft
    • Mobile
    • Samsung
    • Security
    • Xbox
  • Transportation
    • Audi
    • BMW
    • Cadillac
    • E-Bike
    • Ferrari
    • Ford
    • Honda Prelude
    • Lamborghini
    • McLaren W1
    • Mercedes
    • Porsche
    • Rivian
    • Tesla
  • Culture
    • Apple TV
    • Disney
    • Gaming
    • Hulu
    • Marvel
    • HBO Max
    • Netflix
    • Paramount
    • SHOWTIME
    • Star Wars
    • Streaming
Add GadgetBond as a preferred source to see more of our stories on Google.
Font ResizerAa
GadgetBondGadgetBond
  • Latest
  • Tech
  • AI
  • Deals
  • How-to
  • Apps
  • Mobile
  • Gaming
  • Streaming
  • Transportation
Search
  • Latest
  • Deals
  • How-to
  • Tech
    • Amazon
    • Apple
    • CES
    • Computing
    • Creators
    • Google
    • Meta
    • Microsoft
    • Mobile
    • Samsung
    • Security
    • Xbox
  • AI
    • Anthropic
    • ChatGPT
    • ChatGPT Atlas
    • Gemini AI (formerly Bard)
    • Google DeepMind
    • Grok AI
    • Microsoft Copilot
    • OpenAI
    • Perplexity
    • xAI
  • Transportation
    • Audi
    • BMW
    • Cadillac
    • E-Bike
    • Ferrari
    • Ford
    • Honda Prelude
    • Lamborghini
    • McLaren W1
    • Mercedes
    • Porsche
    • Rivian
    • Tesla
  • Culture
    • Apple TV
    • Disney
    • Gaming
    • Hulu
    • Marvel
    • HBO Max
    • Netflix
    • Paramount
    • SHOWTIME
    • Star Wars
    • Streaming
Follow US
BusinessMicrosoftSecurityTech

Microsoft Entra ID trashes text-code logins for good

We’ve been told for a decade that SMS codes were safe enough, but a new era of automated cyberattacks has forced a structural rewrite of enterprise security.

By
Shubham Sawarkar
Shubham Sawarkar's avatar
ByShubham Sawarkar
Editor-in-Chief
I’m a tech enthusiast who loves exploring gadgets, trends, and innovations. With certifications in CISCO Routing & Switching and Windows Server Administration, I bring a sharp...
Follow:
- Editor-in-Chief
Jul 14, 2026, 6:28 AM EDT
Share
We may get a commission from retail offers. Learn more
Microsoft Entra ID illustration highlighting identity protection and secure access across users, devices, applications, Active Directory, multicloud environments, cloud and AI apps, Microsoft 365, and on-premises systems.
Image: Microsoft
SHARE

The era of the shared secret is officially winding down. In a move that signals a massive shift in how corporate America—and, by extension, much of the global workforce—logs into work, Microsoft has announced that passkeys will now be the default authentication method for Microsoft Entra ID.

For the uninitiated, Microsoft Entra ID (formerly Azure Active Directory) is the invisible engine behind the scenes for countless organizations, managing the digital identities and permissions of millions of employees. Up until now, if your company required multifactor authentication (MFA), you likely received a six-digit code via SMS or a phone call to prove you were who you said you were. But starting September 1, 2026, Microsoft will begin automatically nudging users toward passkeys instead.

To understand why this matters, you have to look at how the threat landscape has shifted over the last couple of years. We’ve all been told for a decade that SMS-based two-factor authentication is better than nothing, and it was. It stopped basic, automated hacking attempts in their tracks. But in the era of weaponized AI, traditional MFA is showing its age.

According to Microsoft’s latest Digital Defense Report, AI-driven phishing campaigns are currently seeing click-through rates as high as 54%. Compare that to the 12% click-through rate of old-school, poorly translated phishing emails of yesteryear. Attackers are no longer just guessing passwords; they are using sophisticated, automated tactics to intercept SMS codes, pull off SIM-swapping scams, or deploy “adversary-in-the-middle” attacks that trick users into handing over their session tokens. Once a single corporate identity is compromised, an AI-powered cyberattack can automate privilege escalation and lateral movement across a company’s network faster than a human security team can even register the alert.

This is where passkeys come in. Built on public-key cryptography, passkeys are inherently phishing-resistant. Unlike a password or a text code, there is no “secret” shared between you and the server that a bad actor can intercept or trick you into typing onto a fake website. The private key stays securely on your device—whether that’s your phone, a laptop, or a physical hardware key—and unlocks using your biometric data (like a fingerprint or facial scan) or a local PIN. If a hacker directs you to a pixel-perfect replica of your company’s login page, a passkey simply won’t work because the cryptography ties the login directly to the legitimate web domain. It completely breaks the mechanics of modern phishing.

Microsoft’s rollout plan is aggressive but calculated. When the September deadline hits, users who still rely on SMS or voice authentication will automatically have passkeys enabled on the backend. The next time they log in and trigger an MFA prompt, they’ll be guided through a registration campaign to set up a passkey on their device.

But the real kicker comes a few months later. On February 1, 2027, Microsoft is entirely retiring its native, telecom-provided SMS and voice delivery system. It’s a bold line in the sand. If an organization has a strict regulatory, technical, or operational reason to keep legacy SMS or voice verification alive, they will have to go out of their way to contract with a third-party carrier through the Microsoft Security Store and foot the bill for the telecom costs themselves.

For the average employee, this transition will likely feel like a rare security upgrade that actually makes life easier. Instead of scrambling for a phone, waiting for a text message, and racing to type in a crumbling six-digit code before it expires, logging in will look a lot like unlocking a smartphone—a quick glance at a camera or a thumbprint on a sensor, and you’re in.

Security professionals have spent years preaching that the best security is the kind that users don’t actively try to bypass. By making the most secure method also the most seamless, Microsoft isn’t just updating a default setting; they’re fundamentally rewriting the playbook on corporate cybersecurity for the AI era.


Discover more from GadgetBond

Subscribe to get the latest posts sent to your email.

Topic:Passkeys
Leave a Comment

Leave a ReplyCancel reply

Most Popular

Grok 4.5 lands in Perplexity Computer for Pro, Max, and Enterprise users

Windows Search Box update prioritizes speed and simplicity

Claude Code gets an in-app browser

Claude Code adds multiplayer editing and public artifact sharing

Microsoft Entra ID trashes text-code logins for good

Also Read
Samsung Bespoke AI washer and dryer lineup for 2026 installed beneath a modern staircase, featuring matching graphite-finish front-load appliances with AI displays, integrated shelving, and built-in ambient lighting in a contemporary home laundry space.

A look at Samsung’s sleek new Bespoke AI laundry lineup

Waze app displaying the new motorcycle mode with a Gemini AI-powered route recommendation, highlighting the fastest 19-minute route, alternate routes, and motorcycle-specific navigation options.

Waze finally adds a dedicated motorcycle mode

Perplexity Mac app displaying the new multiple account switcher, allowing users to quickly switch between accounts, add a new account, manage credits, and access settings from a single dropdown menu.

Perplexity adds multi-account support to the Mac app

The classic Apple logo, shown in light silvery-blue, set against a black background. The logo has a clean, minimalist design featuring the iconic bitten apple silhouette with a soft, matte finish.

OpenAI faces Apple suit linked to unreleased device plans

Blue building facade featuring a large white Meta infinity logo centered on a dark blue panel, with blurred pedestrians walking past on the right side and reflections of cars and street details on the left.

Meta’s hook: the feed that never stops

Top-down nighttime view of SpaceX Starship standing on the launch pad, surrounded by illuminated ground equipment, thick clouds of venting vapor, and dramatic lighting before launch.

SpaceX and ispace book 500kg of cargo for a Moon landing by 2030

Mark Zuckerberg

Meta wants to turn the future into a feed. Naturally, Zuckerberg is in charge.

Two MacBook Pro laptops in the Apple store on Kurfürstendamm.

Americans are turning to the secondhand market for better tech deals

Company Info
  • Homepage
  • Support my work
  • Latest stories
  • Company updates
  • GDB Recommends
  • Daily newsletters
  • About us
  • Contact us
  • Write for us
  • Editorial guidelines
Legal
  • Privacy Policy
  • Cookies Policy
  • Terms & Conditions
  • DMCA
  • Disclaimer
  • Accessibility Policy
  • Security Policy
  • Do Not Sell or Share My Personal Information
Socials
Follow US

Disclosure: We love the products we feature and hope you’ll love them too. If you purchase through a link on our site, we may receive compensation at no additional cost to you. Read our ethics statement. Please note that pricing and availability are subject to change.

Copyright © 2026 GadgetBond. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | Do Not Sell/Share My Personal Information.